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' Abstract 

l_J , Short-circuit evaluation denotes the semantics of propositional connectives in which 

the second argument is evaluated only if the first argument does not suffice to determine 
| the value of the expression. In programming, short-circuit evaluation is widely used. 

A short-circuit logic is a variant of propositional logic (PL) that can be defined 
by short-circuit evaluation and implies the set of consequences defined by a module 
SCL. The module SCL is defined using Hoare's conditional, a ternary connective com- 
parable to if-then-else, and implies all identities that follow from four basic axioms for 
' the conditional and can be expressed in PL (e.g., axioms for associativity of conjunc- 

, tion and double negation shift). In the absence of side effects, short-circuit evaluation 

(f) ■ characterizes PL. However, short-circuit logic admits the possibility to model side ef- 

fects. We use sequential conjunction as a primitive connective because it immediately 
relates to short-circuit evaluation. Sequential conjunction gives rise to many different 
short-circuit logics. The first extreme case is FSCL (free short-circuit logic), which 
characterizes the setting in which evaluation of each atom (propositional variable) can 
yield a side effect. The other extreme case is MSCL (memorizing short-circuit logic), 
the most identifying variant we distinguish below PL. In MSCL, only static side effects 
, can be modelled, while sequential conjunction is non-commutative. We provide sets of 

» I ■ equations for FSCL and MSCL, and for MSCL we have a completeness result. 

' Extending MSCL with one simple axiom yields SSCL (static short-circuit logic, or 

sequential PL), for which we also provide a completeness result. We briefly discuss two 
variants in between FSCL and MSCL, among which a logic that admits the contraction 
of atoms and of their negations. 

Key Words and Phrases: Non-commutative conjunction, conditional composition, re- 
active valuation, sequential connective, short-circuit evaluation, side effect. 
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1 Introduction 

Propositional statements are built up from propositional variables and connectives, and 
possibly constants for true and/or false, for which we use the notation T and F, respectively. 
For brevity, a propositional variable is further called an atom. 

*J.A. Bergstra acknowledges support from NWO (project Thread Algebra for Strategic Interleaving). 
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Our starting point concerns short- circuit evaluation and side effects, and can be captured 
by the following question: "Given some programming language, what is the logic that implies 
the equivalence of conditions, notably in if-then-else and while-do constructs and the like?" 
In the (hypothetical) case that a programming language prohibits the use of conditions that 
yield side effects this underlying logic is just propositional logic (PL), but in most cases 
it certainly is not PL. In this paper we consider a few sequential variants of PL in which 
conjunction is not commutative and we shall use a fresh notation for sequential conjunction. 
We specify these logics in an equational style (cf. an equational basis of PL comprising 
x V -ix = T as an axiom) because otherwise we would have to mix sequential connectives 
with classical connectives such as which would obscure the presentation. 

Consider the following example, taken from the MatLarj^ documentation about short- 
circuit evaluation of conjunction that explains a certain form of sequential conjunction. 

Example 1. Logical Operators: Short-circuit kk I I 
Logical operations, with short-circuiting capability 

Syntax 

exprl kk expr2 
exprl I I expr2 

Description 

exprl kk expr2 represents a logical AND operation that employs short-circuiting behavior. With short- 
circuiting, the second operand expr2 is evaluated only when the result is not fully determined by the 
first operand exprl. For example, if A = 0, then the following statement evaluates to false, regardless 
of the value of B, so the MATLAB software does not evaluate B: 

A kk B 

These two expressions must each be a valid MATLAB statement that evaluates to a scalar logical result, 
exprl I I expr2 represents a logical OR operation that employs short-circuiting behavior. 

Note Always use the kk and I I operators when short-circuiting is required. Using the 
elementwise operators (ft and I) for short-circuiting can yield unexpected results. 

Examples 

In the following statement, it doesn't make sense to evaluate the relation on the right if the divisor, b, 
is zero. The test on the left is put in to avoid generating a warning under these circumstances: 

x = (b "= 0) kk (a/b > 18.5) 

By definition, if any operands of an AND expression are false, the entire expression must be false. So, 
if (b ~= 0) evaluates to false, MATLAB assumes the entire expression to be false and terminates its 
evaluation of the expression early. This avoids the warning that would be generated if MATLAB were 
to evaluate the operand on the right. 
End example. 

Clearly, conjunction as discussed in this example is not commutative: the results of a 
short-circuit evaluation of A kk B and of B kk A can be different (observe that negation is 
evaluated in the expected way). This raises the following question: "Which (equational) 

1 http : //www .mathworks . com/access/helpdesk/help/techdoc/index . html 

2 Other names used for short-circuit evaluation are Minimal evaluation and McCarthy evaluation. 
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laws are valid in a setting with short-circuit evaluation, in particular if we restrict to true 
and false as the only possible truth values?" Here is a list of more specific questions, where 
we write for the negation of A: 

- Is the double negation shift ( — > — iA = A) valid? 

- Are kk and I I associative? 

- Are De Morgan's laws (->(A && B) = ->A II ->B and its dual) valid? 

- Is the law of the excluded middle valid, that is, does A | | ->A = T hold? 

- Does A && F = F hold? 

- Are kk and I I idempotent? 

- Are the sequential versions of laws for distributivity of kk and I I valid? 

- Do kk and I I satisfy sequential versions of absorption, e.g., (A II B) kk A = A? 

The answer to the last question with respect to the mentioned version of absorption is 
NO if wc allow erroneous statements: assume 

A= ((b ~= 0) kk (a/b > 18.5)) 

as in Example Q] and B = (a/b > 18.5), and suppose (b ~= 0) does not hold, thus eval- 
uation of A yields false. Then B will be evaluated in (A II B) kk A, which will lead to an 
error, and thus (A II B) tt A / A. But also if each statement evaluates to either true or 
false, the answer to the last question should be NO because the evaluation of B can yield a 
side effect that changes the second evaluation of A. For the same reason, right-distributivity 
of kk, thus 

(A II B) && C = (A && C) I I (B kk C) 

is not valid, and neither are the law of the excluded middle and the identity A kk F = F. 

A side effect takes place in the evaluation of a propositional statement A if the evaluation 
of one of its atoms changes the evaluation value of one or more atoms to be subsequently 
evaluated in A. For example, a valuation (interpretation function) / can be such that /(A) = 
/(B) = T, while /(A kk B) = F because the side effect of /(A) is that /(B) has become F. 
This immediately implies that side effects and symmetric connectives do not go together. 
Side effects can be modeled by valuations that are defined on strings of atoms instead of 
only on a set of atoms. We call a side effect static if within the evaluation of a propositional 
statement the value of each atom remains fixed after its first evaluation. So, a valuation 
that admits static side effects is determined by its definition on the set of strings of atoms 
in which each atom occurs at most once. In the setting of static side effects, sequential 
conjunction is not commutative if at least two atoms are involved. 

In order to analyze short-circuit evaluation in a systematic way, we use so-called left- 
sequential conjunction 

x c/\ y 

where the particular asymmetric notation is taken from [2] : the small circle indicates which 
argument must be evaluated first. As a consequence, other connectives such as left-sequential 
disjunction V and right-sequential conjunction have a straightforward notation. Thus, 
conjunction that is subject to short-circuit evaluation is further called left-sequential con- 
junction, and in x </\ y it is required that first x is evaluated and if this yields false then the 
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conjunction yields false; if the evaluation of x yields true, then y is evaluated and determines 
the overall evaluation result. So x J\ y satisfies the "equation" 

x js y — if x then y else F , 

which characterizes the short-circuit evaluation of left-sequential conjunction. We use Hoare's 
notation x < y > z for if y then x else z and four of his equational laws that express basic 
identities between conditional expressions, and we define an (indirect) axiomatization SCL 
(abbreviating short-circuit logic) that implies all consequences that follow from these four 
axioms and that can be expressed using only T, -i and J\. As an example, axioms expressing 
the associativity of conjunction and the double negation shift are consequences of SCL. We 
formally define SCL with help of module algebra [3]. 

We define short-circuit logic in a generic way: a short-circuit logic is any logic that implies 
all consequences of SCL. We note that in each short-circuit logic the constant F and left- 
sequential disjunction V arc definable in the expected way, and SCL implies De Morgans's 
laws for left-sequential connectives. So, the answers to the first three questions listed above 
are YES. We use the name free short-circuit logic, or briefly FSCL, for the most basic one 
among these logics: FSCL implies no more consequences than SCL (thus identifies "as least 
as possible" propositional statements) and is a reasonable short-circuit logic in the sense 
that realistic examples and counter-examples can be found. We do not know whether the 
logic FSCL has a straightforward and simple equational basis, but we come up with a list 
of axioms that is sound and that provides the answers to all remaining questions: all these 
answers are NO. 

Next we propose Memorizing short-circuit logic, or briefly MSCL, as the variant of SCL 
that identifies "as much as possible" below PL. We claim that MSCL is a reasonable candi- 
date for modeling short-circuit evaluation in a context where only static side effects occur. 
MSCL has a straightforward and relatively simple equational basis. We will show that in 
MSCL the answers to the "remaining questions" mentioned are NO (x V ->x = T), NO 
(x J\ F = F ), YES (idempotency of J\ and <V), SOME (distributivity laws), SOME (ab- 
sorption laws). 

The further contents of the paper can be summarized as follows: Hoare's conditionals 
were the starting point for our work on proposition algebra, and both these works are briefly 
discussed in Section[5]because they are used to define SCL. In Scction[3]we provide a generic 
definition of a short-circuit logic and we define FSCL as the least identifying short-circuit 
logic we distinguish. In Section [4] we define MSCL, the most identifying short-circuit logic 
below PL that we distinguish. In Section [5] we consider some other variants of short-circuit 
logic. We end the paper with some conclusions in Scction|6] The three appendiceslAllBlandlCl 
contain an example program in Perl, some detailed proofs, and a simple axiomatization of 
PL, respectively. 

2 Short-circuit evaluation and proposition algebra 

In this section we briefly discuss proposition algebra [6], which has sort-circuit evaluation as 
its natural semantics and provides the means to define short-circuit logic. 
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x < T > y = x 
x < F > y = y 
T <\x\> F = x 
x < (y < 2 > u) > v = (x < y > u) < z > {x < u > v) 



(CP1) 
(CP2) 
(CP3) 
(CP4) 



Table 1: The set CP of axioms for proposition algebra 



2.1 Hoare's conditional and proposition algebra 

In 1985, Hoare introduced in the paper |10j the ternary connective 

x < y > z, 

and called this connective the conditional^ A more common expression for the conditional 

x <s y > z is 

i/ j/ then x else z 

with x, y and z ranging over propositional statements. However, in order to reason system- 
atically with conditionals, a notation such as x < y > z seems indispensable. In [TU], Hoare 
proves that PL can be equationally characterized over the signature Ecp = {T, -F, _ < _ > _} 
and provides a set of elegant axioms to this end, including those in Table [TJ 

In our paper [B] we introduce proposition algebra and we define varieties of so-called 
valuation algebra's. These varieties serve the interpretation of a logic over Ecp by means of 
short-circuit evaluation: in the evaluation of t\ <t% \>t%, first ti is evaluated, and the result 
of this evaluation determines further evaluation; upon evaluation result true, t\ is evaluated 
and determines the final evaluation result (t^ is not evaluated); upon evaluation result false, 
£3 is evaluated and determines the final evaluation result (t\ is not evaluated). 

All varieties discussed in [B] satisfy the axioms in Table [TJ while the most distinguishing 
variety is axiomatized by exactly these four axioms. We write CP for this set of axioms 
(where CP abbreviates conditional propositions) and =/ r (free valuation congruence) for 
the associated valuation congruence. Thus for each pair of closed terms t,t' over Ecp, i.e., 
terms that do not contain variables, but that of course may contain atoms (propositional 
variables), 

CP h t = t' <^=> t = f r t'. 

In |12j it is shown that the axioms of CP are independent, and also that they are w-complctc 
if the set of atoms involved contains at least two elements. 

With the conditional as a primitive connective, negation can be defined by 
-nx = F < x > T, 

3 Not to be confused with Hoare's conditional introduced in in his 1985 book on CSP [9] and in his 
well-known 1987 paper Laws of Programming [8] for expressions P <3bo Q with P and Q programs and b a 
Boolean expression; these sources do not refer to [10| that appeared in 1985. 



and the following consequences are easily derived from the extension of CP with negation: 

f = -vr, 

-i-ix = x, 
-i(x <y > z) = ->x < y > -iz, 
ie < -ij/ > z = z < y > x. 

Furthermore, left-sequential conjunction x j\ y can be defined in CP by 

x Js y — y <x> F, 
and left-sequential disjunction V can be defined by 

either x V y = — 1( — ia; J\ ->y) or x c \/y = T<ixt>y. 

A proof of the latter inter-definability is as follows: 

->{->x </\ -.y) = F < ((F < y > T) < (F < x > T) > F) > T 

= F<](F<]a;>(F«yl>T))>T by (|CP4]) . ([CP2]) and ([CP"T) 

= T <x> (F < (F <yt>T)>T) by (|UP4]) and (|UP2)l 

= T<x>(T<y>F) bv (|UP4)l . (ICP2l) and rtCPTj) 

= T<a;l></. by JCP3]) 

The connectives J\ and V are associative and the dual of each other. For J\ a proof of 
this is as follows: 

(x J\ y) J\ z = z < (y <x> F) > F 

= (z < y > F) < x > (z < F > F) 
= (z<ly>F)<]a:l>F 

= s cA (y «), 

and duality (a sequential version of Dc Morgan's laws) immediately follows from the first 
definition of V . Finally, observe that from CP extended with defining equations for J\ and 
V the following equations (and their duals) are derivable: 

T J\ x = x, x J\ T = x, T*V x = T, 

in contrast to x V T = T (and x J\ F = F). 

A typical inequality is a J\ a ^f r a where a is an atom: an evaluation can be such that 
a J\ a yields false, while a yields true. 

2.2 Memorizing CP 

CP can be strengthened in various ways, among which its extension to CP mem defined by 
adding this axiom to CP: 

x <y > (z <uf> (v <y > w)) = x <y > (z <u> w). (CPmem) 
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The axiom ([CPmemP expresses that the first evaluation value of y is memorized. With 
u = F we find the contraction law 



x <y > (v <y >w) = x <y >w, (1) 
and replacing y by yields with x<i^y>z = z<y>x the symmetric contraction law 

(w<iyt>v)<iy!>x = w<y>x. (2) 

A simple consequence of contraction is the idempotence of 

x J\ x = x <x> F 

= {T<x>F)<x>F 
= T<x\>F 



Furthermore, we will use the fact that replacing in axiom (jCPnicm|) the variables y and/or 
u by their negation yields various equivalent versions of this axiom, in particular, 

{x <l y > (z < u > v)) <ut> w = (x <y > z) <u> w, (CPmcm') 
x < y > ((z <ut> v) <y > w) = x <iy > (v <ut> w). (CPmem") 

We use the name "memorizing CP" for the signature and axioms of CP mern . In memo- 
rizing CP extended with defining equations for -> and J\, the conditional is definable: V is 
expressible, and 

(y J\ x) V (-.y J\ z) = T < (x < y > F) > (z < (F < y > T) > F) 

= T<(x<y>F)>(F<y>z) by (jCP4)) and (CP 1,2) 

= (T<ia;[>(.F<l2/l>z))<iyl>(-F<lyl>z) by (jCP4)) and (jCP2|) 

= (T < x > F) < y > 2 by (|CPmcm'|) and (TTJ) 

= x<y>z. by (|CP3|) 

Another (equivalent) definition is x < y > z = (y V z) ^\ (-ij/ *fy x). In Section 0] we provide 
axioms over the signature {T, ~', c /\} that define F and V , and that constitute an equational 
basis for CP mem . 

We write = mem (memorizing valuation congruence) for the valuation congruence axiom- 
atized by CP mem : in [B] we prove that for each pair of closed terms t, t' over Ecp, 

CV \- + — i 1 . ' f — +' 

mem 1 L L ^ r L mem v • 

From the above-mentioned consequence x J\ x = x it follows that = mem identifies more than 
=/ r , and a typical inequality is a J\ b / mem b J\ a when a and b are different atoms: an 
evaluation can be such that a J\ b yields true and b J\ a yields false. (In the deprecated case 
that propositional statements may contain at most one atom, J\ is commutative in CP mem , 
see [S1[T2] for more details.) 
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2.3 Static CP 



The most identifying extension of CP that we distinguished in [B] is defined by adding to 
CP both the axiom 

(x < y > z) < u > v = [x < u > i>) < y > (z < u > u) (CPstat) 

and the contraction law ([2]): 

a; < y > (v < y > iu) = a; < y > w. 

We write CP s t a t for this extension and we use the name "static CP" for the signature and 
axioms of CP s t Q t. The axiom (|CPstat[) expresses how the order of evaluation of u and 
y can be swapped. In [6] we prove that CP s t a t and Hoare's axiomatization in |10j are 
inter-derivable, which implies that all tautologies of PL can be proved in CP s t a t according 
to the following procedure: first, replace all symmetric connectives by their left-sequential 
counterparts, then use the translations to conditional expressions discussed in Section 12.11 
We return to this point in Section 15.11 The valuation congruence that is axiomatized by 
CPstat is called static valuation congruence. 

A simple consequence in CP s tat is 

v = v < y > v (3) 

(take u — F in axiom (|CPstat(0 . and with this equation one easily derives x J\ y = y J\ x: 

x J\ y = y <x> F 

= (T<y>F)<x>F by ([C"P3j) 

= (T < x > F) < y > (F < x > F) by (jCPstatj) 

= x < y t> F by (jCP3l) and © 

= y cA x. 



We stated in Section [T] that the presence of side effects refutes the commutativity of 
J\. This implies that in static CP and PL, it is not possible to express propositions with 
side effects, which perhaps explains best why static valuation congruence seems the most 
interesting and well-known (two-valued) valuation congruence. Nevertheless, we found that 
short-circuit evaluation and sequential connectives brought an interesting perspective on this 
valuation congruence. In fact, short-circuit logic turned out to be a crucial tool in finding an 
axiomatization of static valuation congruence that is more simple and elegant than CP S f a t, 
as we will show in Section [5. II 



3 Free short-circuit logic: FSCL 

In this section we provide a generic definition of a short-circuit logic and a definition of 
FSCL, the least identifying short-circuit logic we consider. In Section I3~2l we define a set of 
equations that is sound in FSCL and raise the question of its completeness. 
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3.1 A generic definition of short-circuit logics 

We define short-circuit logics using Module algebra [3]. Intuitively, a short-circuit logic is a 
logic that implied all consequences that can be expressed in the signature {T, J\} of some 
CP-axiomatization. The definition below uses the export-operator □ of module algebra 
to define this in a precise manner, where it is assumed that CP satisfies the format of a 
module specification. In module algebra, S □ X is the operation that exports the signature 
S from module X while declaring other signature elements hidden. In this case it declares 
conditional composition to be an auxiliary operator. 

Definition 1. A short-circuit logic is a logic that implies the consequences of the module 
expression 

SCL = {T,-,^} □ (CP 

+ ( -ix = F < x > T ) 

+ ( x j\ y — y < x > F)). 

As an example, SCL I — i-ix = x can be proved as follows: 

-.-.a; = F <(F <x>T)>T 

= (F < F t> T) < x > (F < T > T) 
= T<xt>F 
= x. 

Following Definition [TJ the most basic (least identifying) short-circuit logic we distinguish 
is the following (but see item 1 in the paragraph on Future work in Section [5] about leaving 
out T in the exported signature). 

Definition 2. FSCL (free short-circuit logic) is the short-circuit logic that implies no 
other consequences than those of the module expression SCL. 

3.2 Equations for FSCL 

Although the constant F does not occur in the exported signature of SCL, we discuss FSCL 
using this constant to enhance readability. This is not problematic because 

CP + ( -.x = F < x > T ) h F = -T, 

so F can be used shorthand for ->T in FSCL. 

In Table [2] we provide equations for FSCL: equation (|SCL1[) defines F, and equations 
(|SCL2I) - (|SCL7P are derivable in FSCL (cf. the similar equations in Section [2TT|1 . Also, 
equations (|SCL8|) — (|SCL10[) are derivable in FSCL (see Proposition [TJ. Some comments: 

• Equation (|SCL8I) defines a property of the mix of negation and the sequential connec- 
tives: its left-hand side states that if evaluation of x yields false, then y j\ (z J\ F) is 
subsequently evaluated and this is also is the case for its right-hand side; if evaluation 
of x yields true, then z J\ F is evaluated next (while y is not) and leads to false, which 
also is the case for its right-hand side (the second conjunct is not evaluated). 

4 Or, if one prefers the semantical point of view, "satisfies". 
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F = -T (SCL1) 

x^y = ^x^^y) (SCL2) 

-r^x = x (SCL3) 

T J\ x = x (SCL4) 

x J\ T = x (SCL5) 

F J\x = F (SCL6) 

(x J\ y) £ z = x £ (y J\ z) (SCL7) 

(x^y)j\(z^F) = (na V (z J\ F)) J\ (y ^ (z J\ F)) (SCL8) 

(^!/)^ Z VT),(^(zH/ D) <V (y ^ (z V T)) (SCL9) 

((a:^^)V 2 /)^z = (x^^)V(y^2) (SCL10) 



Table 2: EqFSCL, a set of equations for FSCL 

• Equation (|SCL9|) defines a restricted form of right-distributivity of J\, and so does 
equation (|SCL10p (observe that (x J\ F) J\ z = x j\ F is derivable). 

We use the name EqFSCL for this set of equations and we note that equations (|SCL2j) and 
(|SCL3|) imply sequential versions of De Morgan's lawsjl which allows us to use the duality 
principle. 

Observe that EqFSCL docs not contain the equation 
x J\ F = F. 

This illustrates a typical property of a logic that models side effects: although it is the case 
that for each closed term t, evaluation of t J\ F yields false, the evaluation of t might also 
yield a side effect. However, the same side effect and evaluation result are obtained upon 
evaluation of -if J\ F, and this explains a simple consequence of equation (|SCL8j) (take 
V = z = F): 

x Js F = -.a; J\ F. (SCL8*) 

This consequence implies another useful consequence that can be derived as follows: 

(x <V y) J\ F = -,(* ^y)j\F 
= (-tx J\^y)j\F 
= ^x J\ (-.y J\ F) 
= ^x^(yJ\F). 

With y = T we find (x'V T)J\F= F = xJ\F, and with the dual (xj\ F)VT = xVT 
we derive 

(x V T) J\ y = ( {x ^F)VT)^y 

= (x J\F)^(T^ y) by (|SCLT0| 

= (x J\F)Vy. 

5 These are —t(x J\ y) = V -iy and —i(x V y) = -^x /\ —>y. 
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perl Not.pl 



$x=0 (assignment) 

"(($x=$x+l) kk not($x=$x+l)) II $x==2" is true 
$x=0 (assignment) 

" (not($x=$x+l) kk ($x=$x+l)) II $x==2" is false 



Figure 1: A run of a Perl program Not .pi exemplifying A kk not (A) ^ not (A) kk A 



Proposition 1 (Soundness). The equations in EqFSCL (see Tabled are derivable in FSCL. 

Proof. Trivial. As an example we prove equation (|SCL10[) . where we use that V can be 
defined in FSCL in exactly the same way as is done in Tableland that y = -i(—ix < J\ ->y) = 
T <\x\>y, where the latter identity follows in CP extended with defining equations for -i and 
J\ (cf. Section HH]): 

((a: J\ F) V y) J\ z = z < (T< (F < x > F) >y) > F 
= z<(y<x>y)>F 
= (z <y> F) <x> (z <yt> F) 
= T < (F < x > F) > (z < y > F) 
= {xJ\F)V (y^z). 

□ 



by (ICP41) and (ICPl) 
by dSFH) 

by (ICTMl) and dCT 7 !]) 



The programming language Perl [TT] can be used to illustrate our claim that FSCL 
defines a reasonable logic because Perl's language definition is rather liberal with respect to 
conditionals and satisfies all consequences of FSCL. In Perl, the simple assignment operator 
is written = and there is also an equality operator == that tests equality and returns either 
T or F. An assignment is comparable to a procedure that is evaluated for the side effect 
of modifying a variable and regardless of which kind of assignment operator is used, the 
final value of the variable on the left is returned as the value of the assignment as a whole. 
This implies that in Perl assignments can occur in if-then-else statements and then the final 
value of the variable on the left is interpreted as a Boolean. In particular, any number is 
evaluated true except for 0. For this reason, Perl can be used to demonstrate that certain 
laws that perhaps seem reasonable, should not be added to FSCL, as for example these: 

x J\ x = x, 
X £\ —ix = ->x (/\ X. 

It is not hard to write Perl programs that demonstrate the non-validity of these identities. As 
an example, consider the run perl Not .pi of the Perl program Not .pi depicted in Figure Q] 
that shows that 

A && not (A) =not(A) && A 

does not hold in Perl, not even if A is an "atom" , as in the code of Not . pi (see Appendix [S] 
for this code). 
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F = 


->T 


(ISCL1I) 




-.(-.i J\ ->y) 


(1SCL2D 


-i—iX = 


X 


(|SCL3|) 


Tj\x = 


X 


(1SCL4I) 


x^T = 


X 


(1SCL5I) 


Fj\x = 


F 


(|SCL6|) 


(xj\y)j\z = 


x A (y <A z ) 


(ISCL7I) 


xJ\F = 


^xJ\F 


(|SCL8*p 


x J\ (x V y) = 


X 


(MSCL1) 


x J\(yV z) = 


(xj\y)^(xj\ z) 


(MSCL2) 


(x V y) J\ (-ix Vz) = 


(-.1 (a: V y) 


(MSCL3) 


((x J\ y) V (-nx J\ z)) J\u = 


(x^/ (zj\u))j\(^x^ (yj\u)) 


(MSCL4) 



Tabic 3: EqMSCL, a set of axioms for MSCL. 



While not having found any equations that are derivable in FSCL and not from EqFSCL, 
we failed to prove completeness of EqFSCL in the following sense: 

For all SCL-tcrms t and f, EqFSCL ht = t' FSCL ht = t'. 

(Of course, follows from Proposition [T]) 

4 Memorizing short-circuit logic: MSCL 

In this section we define a "most liberal" short-circuit logic in which (only static) side effects 
can occur and in which J\ is not commutative. 

Definition 3. MSCL (memorizing short-circuit logic) is the short-circuit logic that 
implies no other consequences than those of the module expression 

{T, ->, cM □ (CP me 1 11 

+ ( -nx = F < X > T ) 

+ (xJ\y = y<x>F)). 

According to Definition [TJ MSCL is a short-circuit logic because CP mem is an axiomatic 
extension of CP (CP mem = CP + ( (|CPmcm|) ), see Section [2~2l) . In Section [47T1 we provide 
axioms for MSCL and in Section l4~2l we prove their completeness. 

4.1 Axioms for MSCL 

In Table [3] we present a set of axioms for MSCL and we call this set EqMSCL. Axioms 
(jSCLip — (|SCL7|) occur in EqFSCL (see Table [2]) and thus need no further comment, and 
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neither does axiom (|SCL8*|) . Some comments on the new axioms (|MSCL1[) - (|MSCL4[) 
(each of which is not a consequence of EqFSCL), where we use the notation (n)' for the 
dual version of axiom (n): 

• Axiom (jMSCLip defines a sequential form of absorption that implies the idempotence 
of J\ (with (ISCL5)) 7 and y = F) and V 

• Axiom (IMSCL2[) defines the left-distributivity of J\ , and that of V follows by duality. 

• Axiom (|MSCL3p and its dual define a restricted form of commutativity of j\ and V , 
reminiscent of the identity y < x > z = z < ->x > y. We will sometimes use this identity 
with y and/or z equal to F, as in x J\ (->x V z) = (->x Vz),/\i. 

• Axiom (|MSCL4p is a combination of two more comprehensible equations: first, with 
u = T it yields 

(x J\y)V (-.a: J\ z) = (x V z) J\ (-x <V y), (4) 

which introduces another defining equation for y < x > z (cf. the identity y < x > z = 
(x J\ y) V (-12; J\ z) discussed in Section [52]) . Application of Q to the right-hand side 
of equation (|MSCL4[) reveals a restricted form of right-distributivity of J\ : 

((x J\ y) <V (-.a; £ z)) J\ u = (x ^ (y J\ u)) V (-« ^ (z ^ u)), (5) 

and with y = x and z = ->x this yields 

(x V -a:) </\ it = (x </\ u) V (-.x </\ u). (6) 

Right-distributivity is restricted in (|5|) in the sense that the "guards" x^ .. and ->xj\.. 
must be present; if this were not the case we obtain e.g. (T V z) J\ u = T J\ 
while (T </\ m)V (z J\u) = u'V (z J\u) and the equation u = tiV (zj\u) defines a form 
of absorption that is not valid (we explain this below). Conversely, axiom (|MSCL4|) 
follows from equations (@| + © in MSCL and can be replaced by these two equations 
if one prefers elegance to conciseness. 

The EqFSCL-equations (|SCL8|) - (|SCL10j) are derivable from EqMSCL (sec Appendix E) . 
Observe that xj\ F = F is not present in EqMSCL. In fact, the addition of this equation to 
EqMSCL yields an equational characterization of PL (in sequential notation), as we prove in 
Section l5Tl As discussed in the introduction, MSCL does not imply commutativity of xj\ y 
(apart from the case of axiom (|MSCL3p ). but otherwise has some familiar consequences. 
However, the absorption law (jMSCLlI) and its dual are the only variants of absorption that 
occur in MSCL. The other variants are xj\ (yVx) = x and (y'\/x)j\x = x and (x < Vj/) ( /\x = x 
(and their duals). The first two immediately imply i/V T = T, and the third one with x = F 
implies y J\ F = F. 

We end this section with a result on the soundness of MSCL. 
Proposition 2 (Soundness). The axioms of EqMSCL (see Tabled are derivable in MSCL. 

Proof. We use that *V can be defined in exactly the same way in MSCL as in EqMSCL (cf. 
the proof of Proposition [I) . With respect to the soundness of EqMSCL, axiom (|MSCL4I) . 
i.e., 

{{x J\ y) V (-.a: ( /\z)) ( /\ii=(i < V(z ( j\ u)) J\ (-.a: V (y J\ u)), 
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is the only non-trivial case. Write L = R for axiom l|MSCL4|) . then 

L = u < (T < (y < x > F) > (F < x > z)) > F 

= u < (y < x > F) > (u < (F < x > z) > F) by (|CP4|) and (|CP1|) 

= u<(y<a;>F)l>(F<;ri>(it<l,2>F)) by (jUP4|) and fCT2)) 

= [it < y > (F < x > (it < z > F))} <x>[F<x>(u<z> F)] by (|CP4[) 

= (u <y > F) < x > (u < z > F) by (jCPmcm'|) and Q 

= (u < y > F) < sc > (T < (it < z > F) > F) by (fCPTj) 

= [(it «y>F)«:z:[>T']<a;> 

[((it <y>F)<x>T)<(u<z>F)>F] by © and (|CPmcm"j) 

= [(it < y > F) < .t > T] < (T < a; > (it < z > F)) > F by |CP4)) and (jCPT|) 

= R. 

□ 

4.2 A complete axiomatization of MSCL 

In this section we prove that EqMSCL is a complete axiomatization of MSCL. We first 
derive a number of useful consequences that follow from EqMSCL, notably: 

x J\ -nx = x J\ F, (7) 

xJ\y = x^(->xVy), (8) 

xj\(y^((xj\z)^ O J\ «))) =^(^4 (9) 

x ^{y J\x)^x j\y, (10) 

(x^y) Vz = (xj\ (y V z)) V (-tx^z). (11) 

Equations (fTU|) and (fTTj) will be used in the next section and in Appendix [Bj respectively. 

• Equation ((TJ can be derived as follows: 

xj\->x = (x V F) J\ (-a <V F) 

= (x ^ F) V (^ ^ F) by Q 

- (x ^ F) V (X </\ F) by (ISCLrT) 

= s <A F, 

and hence, ->x ,/v x = —ix J\ ->-<x = —ix J\ F = x J\ -*x. Note that the dual of ([7]), thus 

x *V ~^x = x V T, 
can be seen as a weak version of the law of the excluded middle. 

• Equation © can be derived as follows: 

xJ\y = x^(F^y) by (ISCL4T 

= (a ^ F) V (x J\ y) by (|MSCL2p 

= (a ^ -a) V (a </\ y) by © 

= xj\(^x^y). bv (IMSCL2I) 
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Two immediate consequences of this identity are 

x = x j/\ (->x V T) and its dual x = x V (-ix J\ F). 

• Equation © can be derived as follows: 

xJ\(yV((xJ\z)V(-,xJ\u))) 

= (x J\ y) V ((x J\ z) V (x J\ (-ub <A u)) 
= (re </\ y) V ((a: </\ z) V ((a ^ -or) </\ u) 
= (x ^ y) V ((x J\ z) <V ((-x </\ a) </\ u) 
= (x ^ y) V ((x J\ z) <V (ni <A (a <A u)) 
= (x ^ y) V {{x V (x £ «)) ^ (-na; V z) 

= (a; J\ y) <V (x ^ z) 
= xJ\(yVz). 



(12) 



by (IMSCL2I) 



by © 

by (1MSCL1I) ' 
by © 

by (|MSCL2I) 



by © 

by ()MSCL3I) 



by JEJ 
by © 

by (IMSCL3D 

by na 



• Equation (JTUJ) , i.e., x J\ (y J\ x) = x J\ y, expresses a property of MSCL that one may 
call memory (the first evaluation result of x is memorized). We employ © to prove 
equation (fTQ|) : 

x <A (y J\ x) = x J\ (y J\ (-.y V x)) 
= x J\ ((-.y V x) J\ y) 
= {xj\ {-^yVx)) J\ y 
= (xj\ (-y V (x V (-«c </\ F)))) </\ y 
= (x ^ (-y V ((a; J\ T) V (-,1 <A F)))) <A y 
= (^(jVT))^!, 
= x J\ ((-.y V T) ^ y) 
= x J\{y J\ (->y V T)) 
= » y- 

Note that with y = T we find x </\ x = x. 

• Equation (fTT|) can be derived as follows: 

(x^y) <Vz = (x^ (niVy)) Vz 

= ((xVF)^(-xVy))Vz 
= (x ( A(yVz)) t V(-x ( A(FVz)) 
= (x^(yVz))V(-x^z). 

Theorem 1 (Completeness). For aiZ SCL-ierras i and t' , 
EqMSCL h f = t' <s=> MSCLh* = t'. 

Proof. According to Proposition[2]it suffices to prove that the axioms of CP mem are derivable 
from EqMSCL. In this proof we use F and V in the familiar way and also the definability 
of the conditional by x < y > z = (y J\ x) *V (~>y </\ z) (see Section l2~2j) . and equation ©, i.e., 

(j/ cA x) V (-.y cA z) = (y V z) ^ (-.y <V x). 



by © 

by (TMSCLlI' 
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|CPT|) : x <T > y = (T J\ x) V (F J\ y) = xV F = x. 

(ICP2)) : x < F > y = (F </\ x) V (T </\ y) = F V y = y. 

(ICP3)) : T«xt>F = (x</\ T) V (^x </\ F) = (-.x </\ F) = x by ([T2]>. 

(ICP4I) : To derive (|CP4p . i.e., x < (y < z > u) > v = (x <y > v) < z> (x <\u> v), to which we 
further refer to by L = R, we use the identity 

(x <V (y ^ z)) ^ {-.x V (u J\ z)) = ((x V y) J\ (-x V «)) </\ z, (13) 

which can be easily derived from equations Q and (|MSCL4[) . Then 

L = (X ^ x) <V {-.X v), 

with X = (z </\ y) V (~>z </\ u). Hence, X = (z V u) J\ (-.z V y) is derivable from EqMSCL, 
and so is -iJT = (z *V </\ (-iz V -<y). We derive 

L=([zV(^x)]^\ hzV(y^x)]) V 

([« V ,a «)] V H/ «/\ «)]) b y (El) 

= (z </\ (y </\ x)) V (-.a </\ (« </\ x)) V by and 

(«,A(^ycA«)) V^z^u^)) (iSCL7l) / 

- (z <A (y cA »)) *V (« cA hv <A «)) ^ 

(-* ^ (u ^ x)) V (-* ^ (-« </\ w)) by (IM8CL3|) 

= (z</\ ((v«Aar) < V(^ ( /\t;))) < V(^ t /\ ((« «A x) V (-u J\ v))) by <MSCL2> 
= fl. 

(|CPmcm[) : As argued in Section 112721 it is sufficient to derive axiom (|CPmem'[) . i.e., 

(w < y > (z < x > it)) <l x > v = («; <l y > z) <l x > v, 
say L = R. We will use equation ©, which we repeat here: 

X cA (y 'V [(X </\ Z) V (-UB </\ u)]) = x </\ (y V z). 
Wc derive 

L = (x J\ (w <y> (z<x> u))) V (-ix J\ v) 

= (x J\ [(y *V [z < x > it]) </\ (-iy V w)]) V (->x </\ u) 

= (x J\ [(y V [(x ^ z) V (-a ^ «)]) </\ (-t/ V iu)]) V (-a ^ w) 

= ([x ^ (y V [(x ^ z) V (-nx ^ u)])] £ (py V «;)) V (-x J\ v) by jSCL7l) 

= ([x ^ (y V z)} J\ (py V w)) V (px J\ v) by© 

= (x ( /\[(y t Vz)j\(-yV U ;)]) c V(-x ( A«) by (fSCL7l> 

= i?. 



□ 



5 Other short-circuit logics 

In this section wc consider some other variants of short-circuit logic. First we discuss a 
sequential variant of PL, and then two more variants that stem from axiomatizations of 
proposition algebra that are in between CP and CP mem . 
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5.1 Static short-circuit logic: SSCL 

In this section we prove that the equation x J\ F = F marks the distinguishing feature 
between MSCL and PL: adding this axiom to EqMSCL yields an equational characterization 
of PL (be it in sequential notation and defined with short-circuit evaluation). 

Definition 4. SSCL (static short-circuit logic) is the short-circuit logic that implies 
no other consequences than those of the module expression 

{T, -i, J\} □ (CP mero + {F<x>F = F) 

+ (->x = F <xt>T) + (x J\ y = y <ix> F)). 

Furthermore, we define EqSSCL as the extension of EqMSCL with the axiom x J\ F = F . 

Our first result is a very simple corollary of Theorem Q] 
Theorem 2 (Completeness). For all SGL-terms t and t' , 
EqSSCL M = t' <^=> SSCLh t = t'. 

Proof. Soundness, i.e., <^= follows trivially from Proposition [2] and the fact that (x J\ F = 
F) G EqSSCL. In order to show ==>• it is by Theorem [T] sufficient to show that the axiom 
F<xt>F = F is derivable in EqSSCL: F < x > F = (x J\ F) V (-.a; J\ F ) = F V F = F. □ 

Combining identity ([7]) (i.e., x J\ —*x = x J\ F) and x J\ F = F yields 

x J\ -ix = F and thus also x *V —>x = T. 

We prove that EqSSCL h x J\ (y J\ -ix) = F. The derivation is similar to the one we used 
to prove the memory property (JTT 



x cA (y J\ ns) = x J\ (y J\ (^y <V -a)) by © 

= x J\ ((-.i/ <V -*c) J\ y) by (|MSCL3P 

= (xj\ (-.y V -.a;)) J\ y 

= (xj\ hy V {-.x ^(x^ F)))) J\y by JE) 

= (x J\ (-.y V ((-a; ^ T) V (x ^ F)))) J\ y 

= (x^ <V ( {x J\ F) V ^ T)))) ^ y by (|MSUL3p / 

= (x ^ (-y V))^ by © 

= z </\ (->y c/\ y) 

= PI 

From this equation and the memory property, commutativity of J\ can be easily derived: 

x <A y = (y V -.y) </\ (x </\ y) 

= {yj\(x^y))^(^y^{x^y)) by© 

= y j\ x. (by (fit!)) and the above equation) (14) 

As a consequence, all distributivity and absorption axioms follow from EqSSCL, and it is 
not difficult to see that EqSSCL defines the mentioned variant of "sequential PL": this 
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follows for example immediately from |13| in which equational bases for Boolean algebra are 
provided, and each of these bases can be easily derived from EqSSCL (below we return to 
this point). 

Using equation (|14p (i.e., the commutativity of J\) we can establish in a simple way an 
equivalent characterization of SSCL. Recall that CP s t a t is defined in Section 12.31 as the 
extension of CP with the contraction law (p} (i.e., x<y>(v<y>w) — x <y > w) and the 
axiom (|CPstat[) . i.e., 

(x < y > z) < u > v = (x < u > v) < y > (z < u > u). 

We show that CP s t a t and (CP mem + (F<x[>F = F)) are equally strong: 



CP s tat b x < y > (z < it > (u < y > w)) 

= x <y > ((v < y t> w) < (F < u t> T) t> z) bv (|CP4j) 

= x < y > ((u < (F < u > T) > 2;) < y > (w < (F < u > T) > 2)) by (|CPstat[) 

= x < y > (if < (F < u > T) > z) by ([I]) 

= x < y > (z < u > w), bv (|CP4j) 



and hence CP s t Q t b (jCPmcmP . Furthermore, we showed in Section [2~3l that CP s t Q t b v = 
v < y > v and thus CP s t a t hF<u>F = F, which proves the first part of the mentioned 
characterization. Now, recall that the contraction law ([TJ is derivable in CP mem . Using 
equation (|14|) in conditional notation we derive 

(CP mem + ( F < x > F = F)) b (x<y\>z)<u>v 



= (x <\y > (z <ui> v)) < u > v 


bv (|CPmem'| 


= [x <l y > {z < u > v)) < u > (z < u > u) 


by © 


= x < (y < it > f) > (z < it > v) 


by (|CP4|) 


= x < (u < y > F) > (z < it > v) 


by (HU) 


= (x <lit > (z < u > «)) < y > (z < u > w) 


by (|CP4|) 


= (x<ui>v)<y>(z<iM> v). 


by © 



Hence (CP mem + (F < x > F = F)) b (jCPstatp and we have the following corollary. 
Corollary 1. SSCL equals 

{T,^,J\} O (CP stat + (^x = F<x>T) + (xJ\y = y<x>F)). 

Hoare proved in [10] that each tautology in PL can be (expressed and) proved with his 
axioms for the conditional. According to [5], this also holds for CP s t a t, and thus also for 
EqSSCL if we identify the symmetric connectives with their left-sequential counterparts. 

5.2 Contractive and Repetition-Proof short-circuit logic 

We briefly discuss two other variants of short-circuit logics which both involve explicit ref- 
erence to a set A of atoms (propositional variables). Both these variants are located in 
between SCL and MSCL. 
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In [B] we introduced CP cr (contractive CP) which is defined by the extension of CP with 
these axiom schemes (a £ i): 

(x < a> y) < a > z = x < a > z, (CPcrl) 
x<la>(y<lal>z) = a; < a > (CPcr2) 

These schemes contract for each atom a respectively the true-case and the false-case. We 
write Eq cr (A) to denote the set of these axioms schemes in the format of module algebra [5] . 

Definition 5. CSCL (contractive short-circuit logic) is the short-circuit logic that 
implies no other consequences than those of the module expression 

{T,^,J\,a | a g A} □ (CP + Eq cr (A) 

+ (-ix = i ;, <a;>r} + (a; ( /\2/ = 2/<a;>i ? )). 

The equations defined by CSCL include those that are derivable from EqFSCL (see Ta- 
ble [5]) and the following immediate counterparts of the axiom schemes (|CPcrl[) and (|CPcr2p 
(for a e A): 

a J\ (a V x) = a, (15) 
a V (a J\ x) = a. (16) 



Observe that from EqFSCL and equation schemes ([15]) and (|T6|) the following equations can 
be derived (a E A): 

a J\ a = a, a ( Va = a, 

-ia J\ (->a Vi) = -io, V (-ia J\ x) = ->a, 

—<a J\ —>a = -ia, -ia V = -ia. 

Furthermore, it is not hard to prove that the following two equation schemes (a € A) are 
also valid in CSCL: 

aV ^a = aVT, (17) 
a j\ -.a = a J\ F. (18) 

The question whether the extension of EqFSCL with the equation schemes (fT5|) — (|18p 
provides for closed terms an axiomatization of CSCL is left open. An example that illustrates 
the use of CSCL concerns atoms that define manipulation of Boolean registers: 

• Consider atoms set and eq:i:j with i £ {l,...,n} (the number of registers) and 
j G {T, F} (the value of registers). 

• An atom set :i:j can have a side effect (it sets register i to value j) and yields upon 
evaluation always true. 

• An atom eq : i : j has no side effect but yields upon evaluation only true if register i 
has value j. 

Clearly, the consequences mentioned above are derivable in CSCL, but x J\ x = x is not: 
assume register 1 has value F and let t = eq:l:F J\ set:l:T. Then t yields true upon 
evaluation in this state, while t Js t yields false. 
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aj\{a < yx)=aj\{a < y y ) (cf. flCPrplD ) (19) 

flV(flJ\i)=(iV(fl^!/) (cf. ( |CPrp2D ) (20) 

(a <V -ia) </\ x = (-.a J\ a) V a; (21) 

(-■a V a) </\ x = (a </\ -.a) V x (22) 

(a </\ -ia) J\ x — a J\ ->a (23) 

(^a J\ a) J\ x = J\ a (cf. (|SCL6j) l (24) 

(a V y) </\ (a </\ -a) - V (a ^ -a)) </\ (y </\ (a ^ -a)) (25) 

(xVy) ( A(-a ( Aa) = (^ t V(-a c Aa)) ( A(y ( /\(-a ( Aa)) (cf. |SCL8|) (26) 

(x <V y) J\ (a V -a) = M(«V -a)) -a)) (27) 

(x V y) J\ (-a V a) = (x J\ (-ia V a)) V (y J\ (-a V a)) (cf. (ISCL91) ) (28) 

((a^a)Vy)^z = (a^a)V(y^z) (29) 

((-a^a)Vy)^z = (-a^ a )V(y^z) (cf. (|SCLT0| ) (30) 



Tabic 4: Equation schemes (a <E A) for RPSCL 



In [6] we also introduced CP rp (repetition-proof CP) for the axioms in CP extended with 
these axiom schemes (a e A): 

(x<a>y)<at>z = (x <i a i> x) <at> z, (CPrpl) 
x<al>(j/<lal>z) = x<a>(z<at>z). (CPrp2) 

It is easily seen that the axiom schemes ( |CPrpl[ ) and ( |CPrp2[ ) are derivable in CP cr (so 
CP cr is also an extension of CP rp ). We write Eq rp (A) to denote the set of these axioms 
schemes in the format of module algebra [3]. 

Definition 6. RPSCL (repetition-proof short-circuit logic) is the short-circuit logic 
that implies no other consequences than those of the module expression 

{T,p,J\,a\aeA} □ (CP + Eq rp (A) 

+ (-ix = F <x>T) + (x J\ y = y <x> F)). 

The equations defined by RPSCL include those that are derivable from EqFSCL (see 
Tabic [2]) and Tabic |4j In Table 21 equation schemes (fl~9|) and ((20]) are the immediate 
counterparts of the axiom schemes ( |CPrpl[ ) and ( |CPrp2[ ), and equations schemes (|2 1 1) and 
(|22|) are the counterparts of the identity T J\ x = F V x. Equation schemes (|23|) — arc 
the counterparts of the remaining EqFSCL-equations that involve T or F. We do not know 
whether the extension of EqFSCL with the equation schemes in Table 2] provides for closed 
terms an axiomatization of RPSCL. It is easily shown that all equation schemes in Table [4] 
follow from EqFSCL extended with the equation schemes (TT5l) — (TT5|) for CSCL. 

An example that illustrates the use of RPSCL is a combination of the examples on FSCL 
(Fig.[T]) and CSCL. Consider simple arithmetic expressions over the natural numbers (or the 
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integers) and a programming notation for imperative programs or algorithms in which each 
atom is either a test or an assignment. Assume that assignments when used as conditions 
always evaluate to true (next to having their intended effect). Then, these atoms satisfy 
the equations in Tables [5] and 0J However, the atom (n=n+l) clearly does not satisfy the 
contraction law a J\ a = a because ((n=n+l) J\ (n=n+l)) J\ (n==2) and (n=n+l) J\ (n==2) 
yield different evaluation results. Hence wc have a clear example of the repetition-proof 
characteristic of RPSCL. 

6 Conclusions and future work 

In our paper [6J we introduced proposition algebra using Hoarc's conditional x < y > z and 
the constants T and F. We distinguished various valuation congruences that are defined by 
means of short-circuit evaluation, and provided axiomatizations of these congruences: CP 
(four axioms) characterizes the least identifying valuation congruence we consider, and the 
extension CP mem (one extra axiom) characterizes the most identifying valuation congruence 
below propositional logic. Various other valuation congruences in between these two and 
axiomatizations thereof are also described in [BJ . In our paper [7] we provide an alternative 
valuation semantics for proposition algebra in the form of Hoare McCarthy algebras (HMAs) 
that is more elegant than the semantical framework introduced in [BJ : HMA-bascd semantics 
has the advantage that one can define a valuation congruence without first defining the 
valuation equivalence it is contained in. 

This paper arose by an attempt to answer the question whether the extension of CP mem 
with -i and J\ characterizes a reasonable logic if one restricts to axioms defined over the 
signature {T, ->, J\} (and with F and V being definable). After having found an axiomati- 
zation of MSCL (memorizing short-circuit logic), we distinguished FSCL (free short-circuit 
logic) as the most basic (least identifying) short-circuit logic, where we took CP as a point 
of departure. We used the module expression 

SCL = {T,-. )c /\} □ (CP + (-.x = F <x>T) + (x J\y = y<x>F)) 

in our generic definition of short-circuit logics (Definition [lj and presented the set EqFSCL 
of equations that are derivable in FSCL. However, we did not prove independence and 
completeness of EqFSCL, although we have not found FSCL-identities that are not derivable 
from EqFSCL. 

We used a Perl program to illustrate that FSCL is a reasonable logic. A next question is 
to provide a natural example that supports MSCL. A first idea is to consider only programs 
(say, in a Perl-like language) that allow in conditions only (comparative) tests on scalar 
variables (no side effects), but also special conditions that test whether a program- variable 
has been evaluated (initialized) before, say eval$x for scalar variable x. This combines well 
with the consequences of MSCL, but refutes identities that are typically not in MSCL, such 
as for example ($x==$x) J\ (eval$x) = (eval$x) J\ ($x==$x) where the left-hand side always 
evaluates to true, while the right-hand side can yield false. 

The extension of CP mem with the axiom F < x > F — F that defines SSCL (static short- 
circuit logic) yields an axiomatization of static CP (a sequential variant of PL) that is more 
elegant than the one provided in Section 12.31 and in [BJ : it is a simple exercise to derive the 
axiom (jCPstatp using the expressibility of conditional composition and commutativity of 
and V (and hence full distributivity) . We say a little more about this matter in Appendix [Cl 
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In [BJ, more variants in between CP and CP meTO are distinguished, and thus more short- 
circuit logics can be defined. In this paper we defined CSCL (contractive short-circuit logic) 
and RPSCL (repetition-proof short-circuit logic), and listed some obvious equations for 
the associated extensions of EqFSCL, but leave their completeness open. Furthermore, we 
provided examples on the applicability of CSCL and RPSCL. 

The focus on left-sequential conjunction that is typical for this paper leads to the following 
considerations. First, the valuation congruences that we consider can be axiomatized in a 
purely incremental way: the axiom systems CP rp up to and including CP s t a t as defined 
in [BJ all share the axioms of CP and each next system can be defined by the addition of 
either one or two axioms, in most cases making previously added axiom(s) redundant (the 
last inter-derivability Hh is explained in Section [5 . 1[) : 

CP rp = CP + dCPrpip + QCPrp2D , 
CP cr Hh CP rp + (ICPcrlll + (ICPcr2l) . 
CP mem + CP^ + (ICPmcml) . 

CP stat Hh CP mem + {F<x>F = F). 

(In [BJ we also define weakly memorizing valuation congruence that has an axiomatization 
with the same property in between CP cr and CP mem .) Secondly, the focus on left-sequential 
conjunction led us to a new, elegant axiomatization of CP s t a i (see Appendix [C|) consisting 
of five axioms that are simpler than those of CP s t a t (which stem from the eleven axioms 
in Hoare's paper |10j). Of course, "simple and few in number" is not an easy qualification 
in this case: with the axioms x < T t> y = x and x < F > y = y, each other pair of axioms 
L\ = Ri and L>2 = R2 can be combined with a fresh variabele, say u, to a single axiom 
L\ < u > L2 = Ri < u > i?2- So, each extension of CP can be defined by adding a single (and 
ugly) axiom to CP (and CP itself can be axiomatized with three axioms). 

Future work 

1. A perhaps interesting variant of SCL is obtained by leaving out the constant T in 
the exported signature (and thus also leaving out F as a definable constant). This 
weakened variant of SCL can be motivated by the fact that these constants are usually 
absent in conditions in imperative programming (although they may be always used; 
also T can be mimicked by a void equality test such as (1 == 1) in Perl). On the 
other hand, it might be judged inappropriate to define a logic about truth and falsity 
in which one cannot express true as a value (up to and including MSCL). Observe that 
in "SCL without T" only the EqFSCL-equations expressing duality, double negation 
shift, and associativity (equations (|SCL2[) . (|SCL3|) and (|SCL7p . respectively) remain. 
Moreover, these axioms also yield a complete axiomatization of SCL-congrucnce (this 
is work to appear). A more pragmatic point of view on "SCL without T" is to define 
the set of conditions over set A of atoms by 

{T, F}U{t\t& closed term over V, -., a | a € A}} 

(so T and F do not occur in compound conditions). In this case, the EqFSCL-equations 
(|SCL1|) (expressing F = ->T), (|SCL2|) . (|SCL3|) and (|SCL7|) yield a complete axioma- 
tization of SCL-congrucnce on conditions. 
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In [I] a connection is proposed between short-circuit logic and instruction sequences as 
studied in program algebra [4j[5]. In particular, the relation between non-atomic test 
instructions (i.e., test instructions involving sequential connectives) and their decom- 
position in atomic tests and jump instructions is considered, evolving into a discussion 
about the length of instruction sequences and their minimization. Also, the paper pQ 
contains a discussion about a classification of side effects, derived from a classification 
of atoms (thus partitioning A), and a consideration about "real time" atoms, as for 
example (heigth > 3000 meter). We expect that these matters will lead to future 
work. 
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A The Perl program Not.pl 

my $x = 0; 

print "\n \$x=$x (assignment) \n" ; 

if ( (($x=$x+l) && not($x=$x+l)) I I $x==2 ) 

{print " \"((\$x=\$x+l) kk not (\$x=\$x+l) ) II \$x==2\" is true \n\n";> 
else 

{print " \" \" is false \n\n";> 
$x = 0; 

print " \$x=$x (assignment) \n" ; 

if ( (not($x=$x+l) kk ($x=$x+l)) II $x==2 ) 

{print " \" \" is true \n";} 
else 

{print " \"(not(\$x=\$x+l) kk (\$x=\$x+D) II \$x==2\" is false \n";> 



B Derivability of axioms SCL8 - SCL10 from EqMSCL 

We prove that the EqFSCL-equations (|SCL8[) — (|SCL10|1 can be derived from the axiom- 
atization EqMSCL (see Table [3} of MSCL. (Of course, derivability of all closed instances 
of these equations follows from Theorem [TJ and the fact that MSCL identifies more than 
FSCL.) 

In the derivations below we use equation (fTT]) and its dual (fTTj)'. that is, 

(x <V y) J\ z = (x V (y J\ z)) £ (na V z). 

EqMSCL h (|SCL8p . With the identity {z J\ F) = (z J\ F) J\ u wc derive 

(x Vy)j\(zJ\F) 

= ( I V(^(z^F)))^(^V(z^f)) by dD / 

= (ng <V (z £ F) ) ^ (x ^(yj\(zjs F))) by (|MSCL3P 

= V [{zj\ F ) J\ (yj\ (z £ F )) ]) J\ 

(xV(yJ\ (z^F))) 
= U'V (zJ\F))j\ (yj\ (zJ\F)). by(UTD' 
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EqMSCL h (|SCL9p . With the identity (z V T) = (z V T) V u we derive 



(:rVy)^(zVT) 

= (xV(y^(zVT)))^(^V(zVT)) bydD' 

= {xj\ (z V T) ) V (^x J\(yJ\(z^ T))) by © 
= (x [ (zVT)V(y^(zVT)) }) V 
(px ^(^(^ T))) 

EqMSCL h (|SCL10[I . This equation can be derived as follows: 

{{x J\ F) V y) J\ z = ((x J\ -.*) V 2/) </\ 2 by © 

= ((z V y) «/\ Vy))^z by ©' 

= ((a </\ y) V (^x J\y))j\z by © 

= (xV(^z))^\b^/(^z)) bv (IMSCL4I) 

= (a; </\ -<b) V(yJ\z) by ©' 

= (x^F) V (y^z). by© 
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x < T > y = x (ICPTj) 

x<F>y=y (|CP2|) 

T<x>y = T<yt>x (CP3*) 

x < (y < z > w) > u = (a; < y > v) < z > (x < u > u) (|CP4|) 

(x<yt>z)<y>F = x<lyf>F (CP5) 



Table 5: CP* tat , a set of axioms for static CP 



C Simple axioms for static CP 

A very simple axiomatization of static CP (see Section 12. 3[) is provided in Table [5] and we 
write CP* tQt for this set of axioms. 

Compared to CP, axiom (|CP3*|) is a strengthening of axiom (|CP3| (i.e., T < x > F = x) 
that also implies x V y = y ^ x and thus x c VT = T c \/x = T. Axiom (|CP5|) implies the 
absorption law x J\ (x V y) = x, and also xJ\^x~F<x>F = xJ\F. Observe that 
the duality principle is derivable in CP* tQt (because it derivable in CP, cf. Section [2~Tjl , so 
x J\ y = y J\ x, and thus x </\ ->x = x r J\F = F ( J\x = F. Also, distributivity is derivable in 

CP s tat : 

xV(yJ\z)=T<x>(z<iy>F) 

= T<{z<y>F)>x by (|CP3*|) 

= (T<3z>x)«y>x by ([CP4]) and (fCP2|) 

= (T<a:>z)<ij/>(T<a:>.F) by (|CP3*|l 

= (T«x>z)<iy[>((T<ix>z)<ix[>F) by (fCP5|) 

= (T < x > z) < (T < y > x) > F by |CP4)) and (fCPT]) 

= (T < x > z) < (T < x > y) > F by (|CP3*|) 

= (x V y) </\ (x *V z). 

With the translation x <i y [> z = (y </\ x) "V (->y ^ z) it is a simple exercise to derive the 
CPstat-axioms (|CPstat[) and ((T|) in CP* tQt : 

(x < u > u) < y > (z < u > u) 

= (y ^ [(u ^ x) V (-.u ^ w)]) V (-,» ^ [(u </\ z) V (-.u </\ w)]) 
= (V <A " cA ^) *V (2/ c/\ --u </\ u) V (-.y </\ u J\ z) V (-.y ^ </\ w) 
= (y </\ u ^ x) V ((y V -y) </\ -.u </\ «) V (-y </\ u J\ z) 
= (uj\ [(y ^ x) V (-y ^ z)]) V J\ v) 
= (x < y > z) < u > v, 
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and 



(x <y > z) <y > u 



(y J\ [(y J\ x) V {^y J\ z)\) "V (-.y </\ u) 

(y cA y cA %) ^ (y <A -y <A z ) ^ (->y <A it) 
(y <A ar) V (-.y <A tt) 



= x < y > m. 



Hence, CP* tat is a complete axiomatization of static CP. In [12] it is proved that CP s t a t is 
w-complete, so CP* tat is w-complete as well. 

Next, we show that the axioms of CP* tat are independent. Inspired by |12j we provide 
the following independence-models, where P, Q and R range over closed terms, and where 
a and b are two atoms and <f> is the interpretation function. The domain of the first two 
independence-models is {T, F} and the interpretation refers to classical propositional logic. 

1. The model defined by <j>{T) = F, <j>{F) = (j){a) = 0(6) = T and <j>{P <Q> R) = 
4>(Q) A <f>(R) satisfies all axioms but (|CP1[) . 

2. The model defined by 0(T) = 0(a) = 0(6) = T, 0(F) = F and 0(P <Q>R) = 0(P) 
satisfies all axioms but (|CP2j) . 

3. Each model for CP mem that does not satisfy a V 6 = 6 *V a, satisfies all axioms 
but (|CP3*|) . Such models exist and arc discussed in [6j [7] . 

4. The model with the natural numbers as its domain, and the interpretation defined by 



satisfies all axioms but (fCP4|) : 0(P <a>T) = 0(a) • 0(T) = 0, so 

(/)(F<(F<at>T)>T) = 0(P) = 1, 
while 0((P <\F>T)<at>(F<\Tt>T)) = 0(a) ■ 0(P) = 2. 
5. The model with the integers numbers as its domain, and the interpretation defined by 
0(T) = 0, 0(F) = 1, 0(a) = 2, 0(6) = 3, 

0(p <j q > r) = (i - 0(g)) • 0(p) + 0(g) • 0(p), 

satisfies all axioms but (|CP5j) : 0(T <a> F) =2, while 

0((T < a > F) < a > F) = (1 - 2) • 2 + 2 • 1 = 0. 
A proof of the validity of axioms (|CP3*|) and (|CP4|) is a simple arithmetical exercise. 

Finally, we note that CP* tat has an elegant, symmetric nature: exchanging (|CP3*|) with 
x < y > F = y < x t> F and (|CP5[) with T<x>(y<x>z) = T < x \> z yields an equally 
strong axiomatization. Moreover, the resulting axioms are also independent (modifying the 
independence proofs given above is nothing more than a simple exercise). 



4>(T) 



0, 0(F) = 1, 0(a) = 2, 0(6) = 3, 



4>(P<Qt>R) 



>(p) if 0(g) = 0, 

< 0(F) if 0(g) = 1, 

0(g) • 0(F) otherwise, 
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